{"id":24840412,"url":"https://github.com/yandex-cloud-examples/yc-static-keys-in-lockbox","last_synced_at":"2025-03-26T05:21:02.531Z","repository":{"id":274860575,"uuid":"914960265","full_name":"yandex-cloud-examples/yc-static-keys-in-lockbox","owner":"yandex-cloud-examples","description":"Хранение статических ключей доступа в Yandex Lockbox.","archived":false,"fork":false,"pushed_at":"2025-01-29T19:08:35.000Z","size":9,"stargazers_count":0,"open_issues_count":1,"forks_count":0,"subscribers_count":2,"default_branch":"main","last_synced_at":"2025-01-29T20:23:13.140Z","etag":null,"topics":["iam","lockbox","terraform","yandex-cloud","yandexcloud"],"latest_commit_sha":null,"homepage":"https://yandex.cloud/ru/docs/iam/tutorials/static-key-in-lockbox","language":"HCL","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/yandex-cloud-examples.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2025-01-10T17:00:48.000Z","updated_at":"2025-01-22T17:01:12.000Z","dependencies_parsed_at":"2025-01-29T20:23:15.358Z","dependency_job_id":"906e8e8c-c83a-48ac-a02c-5b1e2900311c","html_url":"https://github.com/yandex-cloud-examples/yc-static-keys-in-lockbox","commit_stats":null,"previous_names":["yandex-cloud-examples/yc-static-keys-in-lockbox"],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/yandex-cloud-examples%2Fyc-static-keys-in-lockbox","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/yandex-cloud-examples%2Fyc-static-keys-in-lockbox/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/yandex-cloud-examples%2Fyc-static-keys-in-lockbox/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/yandex-cloud-examples%2Fyc-static-keys-in-lockbox/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/yandex-cloud-examples","download_url":"https://codeload.github.com/yandex-cloud-examples/yc-static-keys-in-lockbox/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":245592655,"owners_count":20640880,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["iam","lockbox","terraform","yandex-cloud","yandexcloud"],"created_at":"2025-01-31T06:56:31.937Z","updated_at":"2025-03-26T05:21:02.511Z","avatar_url":"https://github.com/yandex-cloud-examples.png","language":"HCL","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Использование секрета Yandex Lockbox для хранения статического ключа доступа\n\nЕсли вы часто используете сервисы с AWS-совместимым API, например [Yandex Object Storage](https://yandex.cloud/ru/docs/storage/), [Yandex Data Streams](https://yandex.cloud/ru/docs/data-streams/) или [Yandex Message Queue](https://yandex.cloud/ru/docs/message-queue/), вам приходится самостоятельно заботиться о безопасном хранении [статических ключей доступа](https://yandex.cloud/ru/docs/iam/concepts/authorization/access-key).\n\nВ данном руководстве рассматривается сценарий, при котором в качестве хранилища для статического ключа доступа используется [секрет](https://yandex.cloud/ru/docs/lockbox/concepts/secret) Yandex Lockbox. При этом значение ключа доступа не только не хранится локально на компьютере пользователя, но и не выводится на экран.\n\nПри обращении к ресурсу AWS-совместимого сервиса (Object Storage) статический ключ доступа и его идентификатор будут извлекаться из секрета Yandex Lockbox в специальные переменные окружения, которые будут использоваться для аутентификации запроса.\n\nТакой подход позволит обеспечить безопасность хранения ключа и его использования при обращении к сервисам.\n\nСоздание инфраструктуры с помощью Terraform описано в [практическом руководстве](https://yandex.cloud/ru/docs/iam/tutorials/static-key-in-lockbox/terraform), необходимый для настройки конфигурационный файл `static-key-in-lockbox-config.tf` расположен в этом репозитории.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fyandex-cloud-examples%2Fyc-static-keys-in-lockbox","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fyandex-cloud-examples%2Fyc-static-keys-in-lockbox","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fyandex-cloud-examples%2Fyc-static-keys-in-lockbox/lists"}